Penetration Tester

Sencode Ltd
10 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
£ 45K

Job location

Remote

Tech stack

Private Networks
Microsoft Active Directory
API
Amazon Web Services (AWS)
Software System Penetration Testing
User Authentication
Azure
Bash
Cloud Computing
Cloud Computing Security
Continuous Integration
Linux
Fat Client
Mobile Application Software
Python
Network Protocols
Open Web Application Security
Session Management
Web Applications
Google Cloud Platform
Devsecops

Job description

We are seeking a skilled Penetration Tester to join our delivery team. This is a hands-on, client-facing role focused on conducting high-quality technical assessments and producing clear, practical reports.

You will work across a range of engagements including web applications, APIs, cloud platforms, internal and external infrastructure, and authenticated environments. The role requires strong technical ability, structured methodology, and the confidence to work directly with clients.

Key Responsibilities

  • Deliver penetration testing engagements across:

  • Web applications and APIs

  • Cloud environments (AWS, Azure, GCP)

  • Internal and external infrastructure

  • Mobile applications where required

  • Perform manual testing supported by appropriate tooling, focusing on real-world exploitability.

  • Produce clear, structured, and client-ready technical reports within agreed delivery timelines.

  • Participate in client debrief calls to explain findings and remediation steps.

  • Support retest activities and validation of remediation.

  • Follow CREST-aligned methodologies and internal quality assurance processes.

  • Contribute to internal research, tooling, and methodology improvements.

  • Maintain accurate engagement notes and evidence within the Sencode Portal.

Requirements

Do you have experience in Report writing?, * Proven hands-on penetration testing experience across web and infrastructure environments.

  • Strong understanding of:

  • Web application vulnerabilities (OWASP Top 10 and beyond)

  • Authentication, authorisation, and session management flaws

  • Network protocols and common infrastructure weaknesses

  • Experience using industry-standard tools

  • Comfortable working in Linux-based testing environments.

  • Ability to script or automate tasks using Python, Bash, or similar.

  • Strong report writing and communication skills.

Desirable:

  • Experience with cloud security testing.

  • Mobile or thick-client testing experience.

  • Active Directory and internal network exploitation.

  • Exposure to CI/CD or DevSecOps environments.

Certifications

One of the following is required:

  • OSCP (OffSec Certified Professional) OR CREST CRT (Registered Penetration Tester)

Personal Attributes

  • Professional, reliable, and delivery-focused.

  • Comfortable working in a client-facing consultancy environment.

  • Able to manage time across multiple engagements.

  • Detail-oriented with strong written communication skills.

  • Motivated to pursue ongoing professional development.

About the company

Sencode is a UK-based, CREST-accredited penetration testing and cybersecurity consultancy working with public and private sector organisations across the UK and Europe. We specialise in high-quality assurance services including web, mobile, API, cloud, and infrastructure penetration testing. Our engagements focus on realistic, risk-driven testing and clear, actionable reporting rather than checklist compliance. We work with organisations ranging from scaling SaaS companies to critical-sector enterprises.

Apply for this position